Anti-virus experts have identified a mass-mailing worm that spreads by fooling users into believing that pornographic adult material has been found on their PCs.
The e-mail Baba-C worm tells users that the 'XXX content` found on their Windows PC can be hidden by running a program called Evidence Cleaner, says Brett Myroff, CEO of local Sophos distributor Netxactics.
"But in reality no X-rated content has been found on the PC, and clicking on the attached file runs the worm which will attempt to forward itself to other e-mail addresses and open a backdoor for hackers to gain access to the system," warns Myroff.
"Many people are worried about the adult material that inhabits areas of the Internet and don`t want it to reach their PC. It is also clear that the Internet is widely used for accessing hardcore sexual material.
"Either way, many people want to ensure their PC contains no evidence of XXX content, and may be tempted to follow this e-mail`s instructions if they are sent this worm," he says.
E-mails sent by the worm arrive with the subject: "Important! XXX sites found on your computer!" and contain the following message: "Windows Evidence Checker has found XXX content on your computer. You can hide your activities with Evidence Cleaner service. To run Evidence Cleaner click to quick shortcut attached. Warning! Your copy of Evidence Cleaner will be expired after 7 days. Today you can register for FREE. Please check attached instructions for more details."
The Baba-C worm is the second worm using a porn-related topic to spread to surface in the space of a week. On 15 January, yet another MyDoom variant surfaced, which used the lure of free passwords to adult sites as one of its techniques to spread.
Both worms are fairly virulent, but are unlikely to become particularly widespread, says Justin Stanford, CEO of anti-virus vendor NOD32 South Africa. "No significant samples are showing up on virus-radar.com at present.
"These two are not using any particularly new or unique techniques, and the porn concept has been used many times before. Also, a lot of people are used to receiving porn spam as well, and are likely to ignore these mails."
Related stories:
Worm rides tsunami
Survey predicts 'devastating` Net attack
Virus writers worked overtime at Christmas
Share